<?php 
	session_start();
	$email = security($_POST['email']);
	$pass = md5(security($_POST['pass']));

	$data = $koneksi->query("select id_member, nama_lengkap, id_session from member where email='$email' and pass='$pass' and blokir = 'N'");
	$r = $data->fetch(PDO::FETCH_ASSOC);

	$ketemu = $data->rowCount();
	
	$ses_lama = $_SESSION['id_session'];
	
	//apabila username ketemu
	if($ketemu > 0) {
		//daftarkan session ke server
		session_register("id_member");
		session_register("nama");
		session_register("id_session");
		
		//isi dari variabel session
		$_SESSION['id_member'] = "$r[id_member]";
		$_SESSION['nama'] = "$r[nama_lengkap]";
		$_SESSION['id_session'] = "$r[id_session]";
		
		
		$sttmt = $koneksi->exec("update order_temp set id_session = '$r[id_session]' where id_session = '$ses_lama'");
		echo "<meta http-equiv='refresh' content='0; url=home.aspx'>"; 
	}else{
		echo "<center><b>Login gagal! Username atau Password tidak benar</b><br>";
		echo "<a href=index.php><b>ULANGI LAGI</b></a></center>"; 
	}
?>